Linux Security News
SecurityFocus Linux Newsletter #439 May 28 2009 11:14PM
sfa securityfocus com
SecurityFocus Linux Newsletter #439
----------------------------------------

This issue is sponsored by Thawte

SExtended Validation SSL Certificates: Inspire Trust, Improve Confidence and Increase Sales

Extended Validation SSL delivers the acknowledged industry standard for the highest level of online identity assurance processes for SSL certificate issuance. Find out how the EV standard increases the visibility of authentication status through the use of a green address bar in the latest high security web browsers.

http://www.dinclinx.com/Redirect.aspx?36;5004;25;1371;0;3;946;54442f0f21
4c470a

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.A Botnet by Any Other Name
2.Projecting Borders into Cyberspace
II. LINUX VULNERABILITY SUMMARY
1. NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
2. NSD 'packet.c' Off-By-One Buffer Overflow Vulnerability
3. Novell GroupWise Internet Agent Email Address Processing Buffer Overflow Vulnerability
4. Novell GroupWise Internet Agent SMTP Request Processing Buffer Overflow Vulnerability
5. Pidgin Multiple Buffer Overflow Vulnerabilities
6. IPFilter 'ippool' 'lib/load_http.c' Local Buffer Overflow Vulnerability
7. Wireshark PCNFSD Dissector Denial of Service Vulnerability
8. Ston3D S3DPlayer Web and StandAlone 'system.openURL()' Remote Command Injection Vulnerability
9. pam_krb5 Existing/Non-Existing Username Enumeration Weakness
10. Simple Machines Forum 'image/bmp' MIME Type HTML Injection Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. curuncula dbr rootkit detection tool
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

2.Projecting Borders into Cyberspace
By Jeffrey Carr
Two recent stories of significant cyber attacks come close to blaming the Chinese for the intrusions but stop short.
http://www.securityfocus.com/columnists/500

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
BugTraq ID: 35017
Remote: Yes
Date Published: 2009-05-18
Relevant URL: http://www.securityfocus.com/bid/35017
Summary:
The 'ntpd' daemon is prone to a stack-based buffer-overflow vulnerability when it is configured to use the 'autokey' OpenSSL protocol.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attempts will likely crash the application, causing denial-of-service conditions.

2. NSD 'packet.c' Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 35029
Remote: Yes
Date Published: 2009-05-19
Relevant URL: http://www.securityfocus.com/bid/35029
Summary:
NSD is prone to an off-by-one buffer-overflow vulnerability because the server fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected server. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to NSD 3.2.2 are vulnerable.

3. Novell GroupWise Internet Agent Email Address Processing Buffer Overflow Vulnerability
BugTraq ID: 35064
Remote: Yes
Date Published: 2009-05-21
Relevant URL: http://www.securityfocus.com/bid/35064
Summary:
Novell GroupWise Internet Agent is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application, possibly with root or SYSTEM-level privileges. Failed exploit attempts will result in a denial-of-service condition.

4. Novell GroupWise Internet Agent SMTP Request Processing Buffer Overflow Vulnerability
BugTraq ID: 35065
Remote: Yes
Date Published: 2009-05-21
Relevant URL: http://www.securityfocus.com/bid/35065
Summary:
Novell GroupWise Internet Agent is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application, possibly with root or SYSTEM-level privileges. Failed exploit attempts will result in a denial-of-service condition.

5. Pidgin Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 35067
Remote: Yes
Date Published: 2009-05-21
Relevant URL: http://www.securityfocus.com/bid/35067
Summary:
Pidgin is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the software or cause denial-of-service conditions.

Versions prior to Pidgin 2.5.6 are vulnerable.

6. IPFilter 'ippool' 'lib/load_http.c' Local Buffer Overflow Vulnerability
BugTraq ID: 35076
Remote: No
Date Published: 2009-05-22
Relevant URL: http://www.securityfocus.com/bid/35076
Summary:
IPFilter is prone to a local buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input.

Local attackers can exploit this issue to execute arbitrary code in the context of the affected application or to gain kernel-level privileges. Failed attempts will cause denial-of-service conditions.

IPFilter 4.1.31 is vulnerable; other versions may also be affected.

7. Wireshark PCNFSD Dissector Denial of Service Vulnerability
BugTraq ID: 35081
Remote: Yes
Date Published: 2009-05-21
Relevant URL: http://www.securityfocus.com/bid/35081
Summary:
Wireshark is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to cause the application to crash.

This issue affects Wireshark 0.8.20 through 1.0.7.

8. Ston3D S3DPlayer Web and StandAlone 'system.openURL()' Remote Command Injection Vulnerability
BugTraq ID: 35105
Remote: Yes
Date Published: 2009-05-28
Relevant URL: http://www.securityfocus.com/bid/35105
Summary:
S3DPlayer Web and StandAlone are prone to a remote command-injection vulnerability because they fail to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary commands, within the context of the affected application.

9. pam_krb5 Existing/Non-Existing Username Enumeration Weakness
BugTraq ID: 35112
Remote: Yes
Date Published: 2009-05-27
Relevant URL: http://www.securityfocus.com/bid/35112
Summary:
The 'pam_krb5' module is prone to a username-enumeration weakness because it displays different responses to login attempts, depending on whether or not the username exists.

Attackers may exploit this weakness to discern valid usernames. This may aid them in brute-force password cracking or other attacks.

This issue affects pam_krb5 2.2.14; other versions may also be affected.

10. Simple Machines Forum 'image/bmp' MIME Type HTML Injection Vulnerability
BugTraq ID: 35130
Remote: Yes
Date Published: 2009-05-28
Relevant URL: http://www.securityfocus.com/bid/35130
Summary:
Simple Machines Forum (SMF) is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

NOTE: This issue was originally documented as a cross-site scripting vulnerability. After further analysis, the BID has been rewritten as an HTML-injection issue.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. curuncula dbr rootkit detection tool
http://www.securityfocus.com/archive/91/502934

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Thawte

SExtended Validation SSL Certificates: Inspire Trust, Improve Confidence and Increase Sales

Extended Validation SSL delivers the acknowledged industry standard for the highest level of online identity assurance processes for SSL certificate issuance. Find out how the EV standard increases the visibility of authentication status through the use of a green address bar in the latest high security web browsers.

http://www.dinclinx.com/Redirect.aspx?36;5004;25;1371;0;3;946;54442f0f21
4c470a

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus